Presentation Details:
Microsoft’s Internet Explorer team is on the frontline of the
battle to protect users from malware and social attacks. Tony Chor will
outline threats to secure browsing, discuss Microsoft’s response with
Internet Explorer for Windows XP SP2, and detail the implementation of
safety features in the upcoming Internet Explorer 7.0, such as the Phishing
Filter and Protected Mode.

Presentation Details: The first real viruses infecting mobile phones were found during late 2004.
Since then, dozens of different viruses and Trojans - including cases like
Commwarrior, Lasco and Skulls - have been found. Mobile phone viruses use
totally new spreading vectors such as Multimedia messages and Bluetooth. How
exactly do these mobile viruses work? We’ll have a look at their code and
discuss what factors affect their spreading speeds. Virus writers have
always been trying to attack new platforms. What draws them now towards the
mobile phone? Are phones as a platform simply widespread enough, or is the
possibility of making easy money via phone billing systems driving this
development? Where are we now and what can we expect to see in the Mobile
Malware of the future?

Presentation Details: Over 70% of all the open ports on the Internet are web servers. In order to
effectively evaluate an organization’s Internet security posture we must be
able to effectively assess web server security. This talk takes a
comprehensive look at the question of assessing web server security over the
Internet. During the talk we consider the progress that has been made in web
server security over the last few years, and the progress that has been made
in attacking web servers over the same time. We visit the new
vulnerabilities introduced by web applications and discuss the thinking
applied to discover such vulnerabilities. Finally, we describe the state of
the art of web server scanning technology.

Presentation Details: The general public sentiment is that the banks, having always been the
guardians of our money, are expert at safeguarding it. Unfortunately,
internet corporate banking and personal banking applications are usually
ridden with bugs. Internet Banking Applications development is nowadays
out-sourced to third party software vendors that have poor understanding of
security, and incomplete quality management processes. Most of the time the
applications are extremely insecure before they get audited by security
professional third-parties. This presentation will demonstrate the various
attacks that almost always work (and those that do not), on your
“bank-next-door” internet banking application, illustrated with real life
statistics. We will outline the regular technical attacks and will focus on
a hit parade of business logic attacks. We will steal money from other
customers, buy shares for free, and spy on other customers bank records
among many other frauds. This demonstration will highlight the solutions to
some of the challenges the banks will face online to ensure that their data
handling practices are compliant with their country’s privacy regulations
and banking regulations among others.

6.)

Presentation Title: Java & Secure ProgrammingSpeaker: Marc Schonefeld

Presentation Details:
Java is not secure by default, you as a programmer can use its
built-in features to make your software more secure, but on the other hand
your errors and the flaws in the software stack below (like the JDK) can add
a wide range of vulnerabilities to your java based software. The talk is
about the causes and effects of coding errors and the techniques to detect
them, demonstrated with findings in the current Sun JDK. During the talk we
describe “Antipatterns” that have negative influence on coding quality.
Antipatterns are related to design patterns but they have more negative than
positive side effects while solving a general problem. Other problems
discussed are language specific issues like non-final static fields and JDK
framework issues like serialisation problems, privileged code and insecurity
caused by security-unaware component deployment. All antipatterns are
illustrated by real-life vulnerabilities, most of them documented by the
corresponding advisories. The underlying code problems were discovered with
the help of automated detectors. These detectors are optionally presented in
a code-walkthrough.

7.)

Presentation Title:
Analyzing Code for Security Defects

Speaker: Nish Bhalla

Presentation Details: The objective of the talk is understanding how to review large code bases
for security defect. It can be used as methodology to identify security
problems when reviewing code. The overall focus will be on the finding
security vulnerabilities and the implementation of countermeasures however,
the same techniques can also be implemented to help develop secure
development practices. Reviewing code to find vulnerabilities is becoming
more and more common. Reviewing code is not only useful from a developers
point of view but also from an attacker’s point of view. The talk will cover
basics of threat analysis, how to assess threats and what are some of the
vulnerabilities that could exists in code when performing code reviews for
large code bases.

Presentation Details:
An impressionistic overview of what makes the difference today and in the
future (in the digital playground) in the balance of power between economic
and military powers. The presentation will also cover a description of the
business behind espionage worldwide as well as the asymmetric organizations
that are the real master of puppets.

Presentation Details:
The number of reported security incidents has always been
proportional to the number of vendor-issued vulnerabilities. However,
recently this trend seems to have broken. This can be attributed to an
increase in attacks against custom applications, attacks targeting
end-users, zero-day exploits, and self-propagating worms. This presentation
will discuss such trend-breaking real world attacks ranging from the
installation of keystroke-logging Trojans on end-user machines through an IE
buffer overflow to attacks against wireless clients. Each case study will
discuss the motivation of the attack, an overview of the underlying
technical details and its impact on business.

Presentation Details: The presentation aims towards
defining a detailed list of vital operating system parts as well as a
methodology for malware detection. The list will start on such basic
levels as actions needed for file system and registry integrity
verification, go through user-mode memory validating (detecting additional
processes, hooked DLLs, injected threads, etc…) and finally end on such
advanced topics as defining vital kernel parts which can be altered by
modern rootkit-based malware (with techniques like Raw IRP hooking, various
DKOM based manipulations or VMM cheating) By no means will the presented
list be complete, however, the author believes that, in contrast to what
many other people may think, there is only a finite number of methods which
can be used by malware to compromise a system and hopefully in the future
(with the help of the community) the list will “stabilize” and become more
complete. Such a reference roadmap/list, will help raise the level of
awareness on what is still missing with regards to malware detection and
will hopefully stimulate the creation of better detection tools, leaving
less and less space for malware to survive.

The presentation will be supported with live demos, in which some
interesting malware will be shown as well as detection tools catching it (including
some new tools from the author). Some of the topics will be touched
briefly (like file system verification), while some other areas, like
kernel-level integrity verification will be discussed very deeply (together
with description of the latest advances in rootkit technology). At the end,
the subject of implementation specific attacks against malware detectors
will be briefly discussed. The presentation will focus on the Windows
2000/XP/2003 family of operating systems.

1.)

Presentation Title: Project BlinkenlightsSpeaker: Tim Pritlove

Presentation Details:

B L I N K E N L I G H T S

In 2001, Project Blinkenlights developed the “Blinkenlights light
installation in Berlin, Germany turning the “Haus des Lehrers building at
Alexanderplatz into a huge computer screen, worlds most interactive light
installation achieving a broad range of public participation. The “screen
consisted of 18 windows in 8 ﬂoors therefore providing a matrix of 144
monochrome “pixels that could be individually turned on and off.
Blinkenlights combined the charme of a low tec installation with
high-profile computer programming and managed to deliver a high level of
participation for the public. People could send in their own animations to
be played back on the screen. They could also play the classic computer game
Pong in real time just using their mobile phone.

A R C A D E

Encouraged by the great success of the installation, the group got
invited to join the Nuit Blanche art exhibition in 2002 in Paris to create
the successor project named “Arcade. Targetting the Biblioth que nationale
de France, the group managed to build worlds big gest interactive light
installation so far. The installation made use of greyscaling redefining the
appearance and flexibility compared to the original installation. The screen
used 26 windows on 20 ﬂoors resulting in 520 “pixels. Each pixel allowed
displaying 8 dierent brightnesses. The installation covered 3370 square
meters making it visible from many kilometers away.

2.)

Presentation Title: Hacking Windows CESpeaker: San

Presentation Details: The network features of PDAs and
mobiles are becoming more and more powerful, so their related security
problems are attracting much more attention. This paper will show a buffer
overflow exploitation example in Windows CE. It will cover knowledge about
the ARM architecture, memory management and the features of processes and
threads of Windows CE. It will also shows how to write a shellcode in
Windows CE including knowledge about decoding shellcode of Windows CE.

Presentation Title: VoIPhreaking: How to make free phone
calls and influence peopleSpeaker: The Grugq

Presentation Details: The recent explosion in internet
telephony has led to the exposure of the (previously) closed Public Service
Telephone Network (PSTN) to the wilds of the internet. Voice over IP (VoIP)
technology presents new and interesting security challenges, many of which
are completely ignored until after deployment. These security issues, such
as new avenues for fraud, present serious risks to tradition telephony
companies. This talk explores the technologies behind VoIP infrastructures,
focusing on their weaknesses and faults. LIVE DEMOS will help
illustrate that attacks which violate VoIP system security are not only
practical, but are already here. The era of VoIPhreaking has begun.

Presentation Details: “You might say there are two
specialties within the job classification of con artist. Somebody who
swindles and cheats people out of their money belongs to one sub-specialty,
the grifter. Somebody who uses deception, influence, and persuasion against
businesses, usually targeting their information, belongs to the other
sub-specialty, the social engineer.” -Kevin Mitnik

In today’s world confidence scams present quite possibly the highest
threat to security with in the business world. Control of information,
withholding and leaking, can lead to massive failures and losses depending
on how skilled the attacker may be. In combination with disinformation and
propaganda, social engineering can as fatal as or even lead to loss of
customer and shareholder confidence.

Presentation Details: Previously, gathering data was a
difficult task, and so simple data analysis techniques worked well. now with
access to information increasing, and the need to get an even broader
coverage of events, making sense of mountains of data has never been more
pressing. The great risk in this scenario is missing an indicator or losing
data. This presentation will introduce you to a number of techniques for
making sense of large collections of data, including sorting and clustering
techniques, fuzzy matching, and trend analysis. These techniques have
applicability in numerous applications, such as mail filtering and network
event analysis.

Presentation Details: Meder and Fyodor have been working on their
concept of common framework to unify offensive part of heterogeneous
security data and security tools into a single unit - security tools
framework. At this conference they will be presenting the evolution of STIF
framework into what they call now “STIF-ware” - a set of STIF relevant
modules that would allow the computer security hobbists to build, control
and monitor the distributed network of “automated hacking” agents, guided by
set of goals and targets, assigned to the system.

Presentation Details: Web attacks are on the rise and
new methods of hacking are evolving. This presentation will cover new
methodologies for web application footprinting, discovery and information
gathering with a new range of tools. Web applications are getting exploited
using various new injection techniques like advanced SQL injection, LDAP
query, XPATH goofing etc. All these new exploit methods will be discussed.
The HTTP stack is changing in application frameworks like .NET. The stack
can be utilized for defense using HTTP interfaces. Defense methodology for
web applications are required to combat new threats emerging in the field.

Presentation Details: It’s cool to live in a wireless
world. Wireless is the latest thing. It’s the excitement of the year. It’s
the expectation for the decade. Bandwidth for the masses is the hopeful war
cry of the tech
evangelist. The elusive last mile solution. Hotels, airports,
coffee shops, pubs, and many places provide Wi-Fi hotspots for
yuppies, executives campaign for mobile workplaces, PDAs and smartphones are
the latest determiner for the hip. This presentation will cover the basic
approach behind Wi-Fi hotspot security design and architecture. During the
presentation, vulnerabilities and methods for exploiting Wi-Fi hotspot will
be showed.

10.)

Presentation Title: Cyber SkirmishesSpeaker: Zubair Khan

Presentation Details: High-tech information warfare is fast
becoming a reality. The term information warfare covers a wide range of
activity, including corporate and military espionage and intelligence
collection, psychological operations and perception management, attacks on
communication systems, consumer fraud, and information piracy. In addition,
the concept covers specifically computer-related issues: viruses, Trojan
horses, and deliberate and targeted hacking efforts such as computer
break-ins and denial-of-service attacks (where hackers flood an Internet
server with traffic to overload and disable it). Cyber warfare is
politically-motivated computer hacking that inflicts severe societal harm,
and may also effect nation’s economy and defense. Cyber Warfare is so rapid
that it may not give an opponent enough time to “surrender” before permanent
and devastating damage is done. It has recently become of increasing
importance to the military, the intelligence community, and the business
world. Military planners are now imagining soldiers at computer terminals
silently invading foreign networks to shut down radars disable electrical
facilities and disrupt phone services.